diff options
author | Dr. David Alan Gilbert <dave@treblig.org> | 2013-11-05 23:28:56 +0000 |
---|---|---|
committer | Dmitry V. Levin <ldv@altlinux.org> | 2013-11-05 23:35:56 +0000 |
commit | 85db86e6d9f61566a0de522d4e0dfbfe6787ba61 (patch) | |
tree | f8207397584272c7678bf2c0d0f2235f54f44f42 | |
parent | c2982b5b72335205849265182b23866ffbe7a16c (diff) | |
download | strace-85db86e6d9f61566a0de522d4e0dfbfe6787ba61.tar.gz strace-85db86e6d9f61566a0de522d4e0dfbfe6787ba61.tar.bz2 strace-85db86e6d9f61566a0de522d4e0dfbfe6787ba61.tar.xz |
Add a test for the latest select decoding fix
* test/select.c (main): Add a test for nfds larger than FD_SETSIZE.
-rw-r--r-- | test/select.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/test/select.c b/test/select.c index aee9f43..0810fff 100644 --- a/test/select.c +++ b/test/select.c @@ -11,13 +11,24 @@ char buffer[1024*1024*2]; int main() { fd_set rds; + struct timeval timeout; + FD_ZERO(&rds); FD_SET(2, &rds); /* Start with a nice simple select */ select(3, &rds, &rds, &rds, NULL); + /* Now the crash case that trinity found, negative nfds * but with a pointer to a large chunk of valid memory. */ + FD_ZERO((fd_set*)buffer); + FD_SET(2,(fd_set*)buffer); select(-1, (fd_set *)buffer, NULL, NULL, NULL); + + /* Another variant, with nfds exceeding allowed limit. */ + timeout.tv_sec = 0; + timeout.tv_usec = 100; + select(FD_SETSIZE + 1, (fd_set *)buffer, NULL, NULL, &timeout); + return 0; } |